#!/usr/bin/env bash

# ----------------------------------------------------------------------
# Filename:   08-acl.sh
# Version:    1.0
# Date:       2025/02/26
# Author:     yaoxiyao
# Email:      yaoxiyao@kylinsec.com.cn
# Function:   acl - 08 AQX-QZKZ-001SELinux安全开关有效性/安全策略配置有效性
# Out:
#             0 => TPASS
#             1 => TFAIL
#             2 => TCONF
# ----------------------------------------------------------------------

Title_Env_LTFLIB="强制访问控制测试 - SELinux安全开关有效性/安全策略配置有效性"

## TODO : 个性化,初始化
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestInit_LTFLIB() {
    return $TPASS
}

## TODO : 清理函数
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestClean_LTFLIB() {
    return $TPASS
}

## TODO : 测试设置文件和文件夹
testcase_1() {
    if which ks-showinfo >/dev/null; then
        getenforce | grep "Enforcing"
        CommRetParse_LTFLIB "getenforce |grep \"Enforcing\""
    fi
}

## TODO :
testcase_2() {
    if which ks-showinfo >/dev/null; then
        systemctl restart httpd
        CommRetParse_LTFLIB "systemctl restart httpd"
        systemctl status httpd | grep "Active: active"
        CommRetParse_LTFLIB "systemctl status httpd | grep Active: active"

        systemctl restart memcached
        CommRetParse_LTFLIB "systemctl restart memcached"
        systemctl status memcached | grep "Active: active"
        CommRetParse_LTFLIB "systemctl status memcached | grep Active: active"

        systemctl restart sshd
        CommRetParse_LTFLIB "systemctl restart sshd"
        systemctl status sshd | grep "Active: active"
        CommRetParse_LTFLIB "systemctl status sshd | grep Active: active"
    fi
}

## TODO : 运行测试集
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
Testsuite_LTFLIB() {
    testcase_1
    testcase_2
    return $TPASS
}

#----------------------------------------------#

source "${LIB_LTFLIB}"
Main_LTFLIB $@
